Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in Ektron Content Management System before 9.1.0.184SP3(9.1.0.184.3.127) allows remote attackers to inject arbitrary web script or HTML via the rptStatus parameter in a Report action to WorkArea/SelectUserGroup.aspx.
References 1 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 1 Total
- securityfocus.com: 20170619 Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting mailing-listx_transferred